As the World Cup 2014 championship continues, the lancenet.com.br attack should serve as an eye opener for businesses whose employees may be taking breaks throughout the day to get the latest tournament updates. While we always recommend businesses hold security awareness education training to teach their employees about what not to click on, in this particular case, if employees simply visited the site, they could get infected. That is why we recommend the following course of action:
Antimalware technologies are critical. Businesses should have antimalware technologies in place such as gateways that can detect and filter out malware in real-time. That way if an employee does visit a site that contains a malicious ad, the technology will strip out the malware before the page even gets to the end-user.
Keep software up to date. Users should make sure they keep all their software updated with the latest patches. In this case, if the latest patch for Adobe Flash is installed, the exploit would fail. Itís not a simple task, but in order to minimize the chance of a successful exploit in your organization, administrators have to keep any software which consumes web-based content up to date. As revealed in our 2014 Trustwave Global Security Report, 85 percent of exploits detected were of third party plug-ins including Java, Adobe Flash and Acrobat Reader.
A recent Osterman Research survey of security professionals showed that malware has infiltrated 74% of organizations through the Web during the past year. Large sports events open the door to these kinds of attacks. Donít let your business be the next victim.